Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-4033 | 5.1 |
Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize.
|
17-10-2018 - 21:33 | 09-08-2006 - 22:04 | |
CVE-2006-4046 | 7.5 |
Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a
|
17-10-2018 - 21:33 | 09-08-2006 - 23:04 | |
CVE-2006-3861 | 4.0 |
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases. This vulnerability is addressed in the following product r
|
17-10-2018 - 21:32 | 08-08-2006 - 22:04 | |
CVE-2006-3997 | 7.5 |
PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.
|
17-10-2018 - 21:32 | 05-08-2006 - 01:04 | |
CVE-2006-3986 | 7.5 |
PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter.
|
17-10-2018 - 21:32 | 05-08-2006 - 00:04 | |
CVE-2006-3860 | 7.5 |
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions.
|
17-10-2018 - 21:32 | 17-08-2006 - 01:04 | |
CVE-2006-3993 | 5.1 |
PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942 allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter. Successful exploitation requires t
|
17-10-2018 - 21:32 | 05-08-2006 - 00:04 | |
CVE-2006-3862 | 7.5 |
Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable). This vulnerability is addressed in the foll
|
17-10-2018 - 21:32 | 08-08-2006 - 22:04 | |
CVE-2006-3961 | 6.8 |
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean
|
17-10-2018 - 21:32 | 01-08-2006 - 21:04 | |
CVE-2006-3858 | 2.1 |
IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772). This vulnerabili
|
17-10-2018 - 21:32 | 08-08-2006 - 22:04 | |
CVE-2006-3857 | 6.5 |
Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_re
|
17-10-2018 - 21:31 | 08-08-2006 - 22:04 | |
CVE-2006-3856 | 2.1 |
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors. This vulnerability is addressed in the following product releases:
IBM, Informix IDS, 9.40
|
17-10-2018 - 21:31 | 08-08-2006 - 22:04 | |
CVE-2006-3855 | 6.5 |
The ifx_load_internal function in IBM Informix Dynamic Server (IDS) allows remote authenticated users to execute arbitrary C code via the DllMain or _init function in a library, aka "C code UDR." This vulnerability is addressed in the following produ
|
17-10-2018 - 21:31 | 08-08-2006 - 22:04 | |
CVE-2006-3853 | 5.1 |
Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username. This vulnerability is only present in a Windows environme
|
17-10-2018 - 21:31 | 08-08-2006 - 22:04 | |
CVE-2007-0205 | 7.5 |
Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows remote attackers to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leverage
|
16-10-2018 - 16:31 | 11-01-2007 - 22:28 | |
CVE-2007-0202 | 7.5 |
SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter.
|
16-10-2018 - 16:31 | 11-01-2007 - 11:28 | |
CVE-2017-16613 | 7.5 |
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechani
|
12-12-2017 - 18:03 | 21-11-2017 - 13:29 | |
CVE-2006-3998 | 7.5 |
PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.
|
19-10-2017 - 01:29 | 05-08-2006 - 01:04 | |
CVE-2000-1134 | 7.2 |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via
|
19-10-2017 - 01:29 | 09-01-2001 - 05:00 | |
CVE-2008-4760 | 6.8 |
SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-09-2017 - 01:32 | 28-10-2008 - 02:00 | |
CVE-2016-3497 | 4.9 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471.
|
01-09-2017 - 01:29 | 21-07-2016 - 10:12 | |
CVE-2006-3321 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp in OpenForum 1.2 Beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ofdisp and (2) ofmsgid parameters.
|
20-07-2017 - 01:32 | 30-06-2006 - 10:05 | |
CVE-2004-1398 | 4.6 |
Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument.
|
11-07-2017 - 01:30 | 31-12-2004 - 05:00 | |
CVE-2015-3347 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback.
|
06-12-2016 - 03:00 | 21-04-2015 - 16:59 | |
CVE-2015-3348 | 3.5 |
Cross-site scripting (XSS) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
06-12-2016 - 03:00 | 21-04-2015 - 16:59 |